[GRASS-dev] GSoC 2014: GRAS GIS Web UI

Glynn Clements glynn at gclements.plus.com
Tue Mar 11 02:40:04 PDT 2014


Hamish wrote:

> And even in a chroot jail a few big loops could use up all the given
> RAM or disk space by mistake or on purpose.

Memory limits can be enforced by setrlimit(), via the "ulimit" shell
command or the pam_limits module.

However, you can't set cumulative limits[1]. You can limit the memory
usage of an invidivual process, and limit the total number of
processes for a single user (UID), but you can't set a cumulative
limit below the product of the maximum number of processes times the
maximum memory per process.

Disk usage can be restricted by using quotas or by creating a separate
filesytem (e.g. on a loop device) for each account.

CPU usage can be restricted on a per-process basis via setrlimit()
etc. Again, there's no way to set a cumulative limit. Also, "nice" can
be used to de-prioritise processes so that more important processes
aren't pre-empted.

[1] On Linux, control groups (cgroups) can be used to "partition"
system resources. Virtual machines are another potential solution,
albeit a rather heavy-weight one.

-- 
Glynn Clements <glynn at gclements.plus.com>


More information about the grass-dev mailing list